Known vulnerabilities in Fortinet, Inc FortiPortal

Vendor: Fortinet, Inc
Website: https://www.fortinet.com/
Total Security Bulletins: 27

Security bulletins (27)

Secuity bulletin Severity Status Published
SB20260206121: FortiPortal update for OpenSSL High
Patched Public exploit
06.02.2026
SB2025120943: Incorrect authorization in FortiPortal Low
Patched
09.12.2025
SB2025120942: Insecure private key storage in Fortinet products Low
Patched
09.12.2025
SB2025061111: Authorization bypass through user-controlled key in FortiPortal Low
Patched
11.06.2025
SB2025051359: Inclusion of Sensitive Information in Log Files in FortiPortal Low
Patched
13.05.2025
SB2025041043: Stored HTML injection in FortiPortal Low
Patched
10.04.2025
SB2025041034: Information disclosure in FortiPortal Low
Patched
10.04.2025
SB20250211156: Information disclosure in FortiPortal Medium
Patched
11.02.2025
SB2024112166: MitM attack in FortiPortal Medium
Patched
21.11.2024
SB20241112156: Improper authentication in FortiPortal fgfmd Medium
Patched
12.11.2024
SB20241112150: Improper access control in FortiPortal Medium
Patched
12.11.2024
SB2024070991: Information disclosure in FortiPortal Low
Patched
09.07.2024
SB20240611272: Blind SQL injection in FortiPortal Low
Patched
11.06.2024
SB2024051612: Information disclosure in FortiPortal Low
Patched
16.05.2024
SB2024051535: Client IP spoofing in FortiPortal Medium
Patched
15.05.2024
SB2024031434: Format string error in Fortinet FortiManager, FortiAnalyzer, FortiAnalyzer-BigData and FortiPortal Low
Patched
14.03.2024
SB2024010981: Multiple vulnerabilities in FortiPortal Low
Patched
09.01.2024
SB2023122904: Authenticated command injection in FortiPortal Medium
Patched
29.12.2023
SB2023041219: Information disclosure in Fortinet products Medium
Patched
12.04.2023
SB2023021725: Exposure of cleartext passwords in FortiPortal audit log Medium
Patched
17.02.2023
SB2023010326: Cross-site scripting in FortiPortal Low
Patched
03.01.2023
SB2022030126: Authentication bypass via password reset feature in FortiPortal High
Patched
01.03.2022
SB2021121303: Remote code execution in FortiPortal (Apache Log4j component) Critical
Patched Exploited
13.12.2021
SB2021111614: Multiple vulnerabilities in Fortinet FortiPortal Medium
Patched
16.11.2021
SB2021111613: Multiple vulnerabilities in Fortinet FortiPortal Low
Patched
16.11.2021
SB2021111611: XML External Entity injection in Fortinet FortiPortal Low
Patched
16.11.2021
SB2021080312: Multiple vulnerabilities in Fortinet FortiPortal Critical
Patched
03.08.2021